The 'established' keyword lets packets with ACK or RST bits set to enter secured network. In other words, if a TCP session is initiated from the inside network to a host in un-trusted outside network, the packets coming from destination to source for that session will be allowed.
It is not really stateful inspection. For stateful inspection consider CBACs.
Without established, the returning packets will not be able to enter your interface. Usually, you will let everything go out from your site. But coming in, you will define ACL with established. Note, however, established wont allow active protocols like FTP to enter (as it is not inspecting packets). However, passive FTP should work fine.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...